package com.lvtulife.common.web.component.xss;


import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;

/**
 * 防止 SQL 注入、防止脚本注入。
 */
public class XssFilter implements Filter {

	public void init(FilterConfig filterConfig) throws ServletException {
	}

	public void doFilter(ServletRequest request, ServletResponse response,
						 FilterChain chain) throws IOException, ServletException {
		// 强制类型转换 HttpServletRequest
		HttpServletRequest httpReq = (HttpServletRequest)request;
		// 构造HttpRequestWrapper对象处理XSS
		XssHttpServletRequestWraper httpReqWarp = new XssHttpServletRequestWraper(httpReq);
		chain.doFilter(httpReqWarp, response);
	}

	public void destroy() {
	}
}
